Black Duck

The software supply chain is under siege. 65% of orgs were hit by supply chain attacks last year—proof that traditional defenses aren't cutting it. Our new report breaks down: • How well companies actually secure their software supply chains • Why compliance-first strategies create stronger security foundations • The need to validate SBOMs for real transparency • Lowering risk with integrated AppSec tools and automated SDLC scanning • Why AI governance must be baked into your security practices Download the report: https://bit.ly/4j9hB5L

"Dealing with privacy requirements should be thought of as establishing a guidebook for teams to know when they are on the safe side of the line and encourage them to engage if they find themselves straying closer to the line.” Tim Mackey, Head of Software Supply Chain Risk Strategy at Black Duck https://bit.ly/3YUIf96

Thank you for being part of our journey. Your trust and partnership inspires everything we do, and we can't wait to see what incredible things we will build together next year.

The Black Duck report shows that organizations with strong software development fundamentals—dependency tracking, software bill-of-materials (SBOM) validation, automation, and compliance maturity—position themselves far better to manage this risk. https://bit.ly/44PknHu

Meet Black Duck Signal. A transformative agentic AI solution that solves the noise crisis in AppSec by identifying the issues that matter most to your organization and fixing them for you. https://bit.ly/4s1jeGS

Black Duck research reveals 95% of organizations use AI tools to generate code, yet only 24% apply security evaluations to that AI-generated code. Jason Schmitt, CEO at Black Duck, discusses this risk with Steve Zurier at SC Media. https://bit.ly/3Ydcic3

🎉 What a PARTY! 🎉 Our Japan team hosted the best year-end celebration ever! Great food, quiz games and a band featuring our own rockstar employees. Here's to an incredible 2025 and an even better 2026!

Year in review: Black Duck edition We're ending 2025 with some seriously exciting milestones: • 1,400+ global employees • Welcomed 240 new teammates across 14 offices in 10 countries • Built something special together Thank you to everyone who contributed to this incredible journey. You're the reason we're crushing it 🙌 2026, we're ready for you 💪🚀

🚨Webinar alert🚨 Join us on Jan 21 @12:00 p.m. ET for the webinar: The 2025 Open Source Year in Review. Gain insights into important legal developments from open source experts, Tony Decicco, Principal at GTC Law Group & Affiliates, Chris Stevenson, Of Counsel at DLA Piper and Phil Odence, General Manager Audits at Black Duck. We will highlight the significant legal developments related to open source software in 2025, focusing on topics that were resolved, those that got started, and what we can expect to see in coming years. Register now before spots fill up 👉 https://bit.ly/4q1RL6c

The software supply chain is under siege. 65% of orgs were hit by supply chain attacks last year—proof that traditional defenses aren't cutting it. Our new report breaks down: • How well companies actually secure their software supply chains • Why compliance-first strategies create stronger security foundations • The need to validate SBOMs for real transparency • Lowering risk with integrated AppSec tools and automated SDLC scanning • Why AI governance must be baked into your security practices Download the report: https://bit.ly/4j9hB5L